Step 22: Configure the Financial Reporting database
Execute the following Script
.\Initialize-Database.ps1 -ConfigurationFilePath .\ConfigTemplate.xml -ComponentName MR
The script will do the following:
a. Create an empty database named
FinancialReporting.
b. Map the users to database roles based on the following table.
Step 23: Encrypt Credentials:
On any client machine, install the encipherment certificate in the LocalMachine\My certificate store.
Grant the current user read access to the private key of this certificate.
Create the Credentials.json file, as shown here.
{
"AosPrincipal": {
"AccountPassword": "Dynamo@123"
},
"AosSqlAuth": {
"SqlUser": "axdbadmin",
"SqlPwd": "Dynamo@123"
}
}
Dynamo@123 is the encrypted domain user password for the AOS domain user (local\axserviceuser).
SqlUser is the encrypted SQL user (axdbadmin) that has access to the Finance and Operations database (AXDB), and
Dynamo@123 is the encrypted SQL password.
Copy the .json file to the SMB file share, \\AOS1\agent\Credentials\Credentials.json.
Why this accounts and Password has to be encrypted? While deploying the Application from LCS ,the script checks the encrypted Passwords and Users.If this step is not executed Properly,the deployment will fail.
Install
Install the Microsoft Azure Service Fabric SDK before executing script
Execute the below script to get encrypted Values.The Script has to executed 3 times to get the Value
For AccountPassword
Invoke-ServiceFabricEncryptText -Text Dynamo@123 -CertThumbprint 9A5A0A92E7C62CA65FF14E6F9C9ECE9F6B76FA1A -CertStore -StoreLocation LocalMachine -StoreName My | Set-Clipboard
Execute the Script and open a notepad and ctrl+V to paste the encrypted Value
For SQL USER
Invoke-ServiceFabricEncryptText -Text axdbadmin -CertThumbprint 9A5A0A92E7C62CA65FF14E6F9C9ECE9F6B76FA1A -CertStore -StoreLocation LocalMachine -StoreName My | Set-Clipboard
Execute the Script and open a notepad and ctrl+V to paste the encrypted Value
For SQLPassword
Invoke-ServiceFabricEncryptText -Text Dynamo@123 -CertThumbprint 9A5A0A92E7C62CA65FF14E6F9C9ECE9F6B76FA1A -CertStore -StoreLocation LocalMachine -StoreName My | Set-Clipboard
Execute the Script and open a notepad and ctrl+V to paste the encrypted Value
Now Update the 3 encrypted values in the Credentials.Json file
Step 24:Setup SSIS
To enable Data management and Integration workloads, SSIS must be installed on each of the AOS virtual machines. Complete the following steps on each AOS virtual machine.
- Verify that the machine has access to the SSIS installation and open the SSIS Setup Wizard.
- In the Feature Selection window, in the Features pane, select the Integration Services and SQL Client Connectivity SDK check boxes.
- Complete the setup and verify that the installation was successful.
Step 25:Setup SSRS
To Setup the SSRS Machine refer the MS Document below
https://docs.microsoft.com/en-us/dyn...rs-on-premises
Step26 :Configure ADFS- Open the ADFS Server and add the ADFS feature addition from Server Manger Roles and Features
- Configure the AD FS identifier so that it matches the AD FS token issuer.
Execute the Below code in Adfs machine in Powershell
$adfsProperties = Get-AdfsProperties
Set-AdfsProperties -Identifier $adfsProperties.IdTokenIssuer
Set-AdfsGlobalAuthenticationPolicy -PrimaryIntranetAuthenticationProvider FormsAuthentication, MicrosoftPassportAuthentication
For sign-in, the user's email address must be an acceptable authentication input.
Add-Type -AssemblyName System.Net
$fqdn = ([System.Net.Dns]::GetHostEntry('localhost').HostName).ToLower()
$domainName = $fqdn.Substring($fqdn.IndexOf('.')+1)
Set-AdfsClaimsProviderTrust -TargetIdentifier 'AD AUTHORITY' -AlternateLoginID mail -LookupForests $domainName
Once after the ADFS necessary scripts are executed ,Application group script should be execute
.\Publish-ADFSApplicationGroup.ps1 -HostUrl
https://ax.Local.com
Now after successfully deployed the ADFS ,access the url in AOStype node
https://adfs.local.com/adfs/.well-kn...-configuration
This step is highly important to complete is successfully since the Dynamics on premise user access page opens based on the ADFS redirection Configuration.
You successfully access the URL, a JavaScript Object Notation (JSON) file is returned that contains your AD FS configuration, and you will see that your AD FS URL is trusted.
Step 27: Configure a connector and install an on-premises local agent
Sign in to
LCS, and open the on-premises implementation project.
Select the Project Setting Tab
Create a On Premise Connector and Edit the Configuration Details
Download the Agent Installer and Verify that the zip file is unblocked. Right-click the file, and then select
Properties. In the dialog box, select
Unblock.
Unzip the agent installer on one of the Service Fabric nodes of the
OrchestratorType type.
Enter the Configuration Details
Execute the below script to get the configurations details
.\Get-AgentConfiguration.ps1 -ConfigurationFilePath .\ConfigTemplate.xml
Download the Configuration file and copy the file to the local agent folder
In a
Command Prompt window, run the following command by navigating to the folder that contains the agent installer.
The user who runs this command must have
db_owner permissions on the OrchestratorData database.
LocalAgentCLI.exe Install C:\InfrastructureScripts\Local\LocalAgent-163366\LocalAgent-163366\localagent-config.json
After the Local agent is successfully executed ,which will create 2 applications in Service Fabric
On the
Validate setup tab, select
Message agent to test for LCS connectivity to your local agent. When a connection is successfully established, the page will resemble the following illustration.
